Results 1 to 5 of 5

Thread: Mod_Security successfully integrated within nginx zcs-8.0.7

  1. #1
    cvidal is offline Project Contributor
    Join Date
    Dec 2005
    Posts
    150
    Rep Power
    9

    Default Mod_Security successfully integrated within nginx zcs-8.0.7

    Given the high number of attacks that some of my customers suffer constantly, I decided to integrate ModSecurity into Zimbra. As most of these customers use a reverse proxy, I integrated ModSecurity into nginx. The task has been easier than expected, thanks to the clean structure that both Zimbra and ModSecurity have. These are the steps:

    1.- Integrate ModSecurity into nginx into the 8.0.7 OS branch of ThirdParty software
    2.- Install ModSecurity Core Rule Set and tune the rules for Zimbra use

    For the first step I took the patched ModSecurity sources from the Fedora 20 RPM sources ( mod_security-2.7.5-3.fc20.src.rpm ). For the second step I took the Fedora 20 sources (mod_security_crs-2.2.8-2.fc20.src.rpm). The core rules are just config files, no need to compile. I tested all this on CentOS 6.5, but it can easily be converted to a Debian environment.

    The most serious security bugs we have suffered in the last 2 years would have been blocked by ModSecurity with its CRS rules. It would be nice if this could be included as an extra feature inside 9.x.

    The purpose of this post is to tempt others to test what I did, and get some counsel about how to proceed to propose this work to upstream Zimbra.

    The attached tar file contains all the sources and a README with the installation procedure.
    Attached Files Attached Files

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,566
    Rep Power
    57

    Default

    Quote Originally Posted by cvidal View Post
    The most serious security bugs we have suffered in the last 2 years would have been blocked by ModSecurity with its CRS rules. It would be nice if this could be included as an extra feature inside 9.x.
    You'd need to file an RFE in bugzilla for that to be considered.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    cvidal is offline Project Contributor
    Join Date
    Dec 2005
    Posts
    150
    Rep Power
    9

    Default

    Quote Originally Posted by phoenix View Post
    You'd need to file an RFE in bugzilla for that to be considered.
    Thank you Phoenix, just added RFE in bugzille (https://bugzilla.zimbra.com/show_bug.cgi?id=91591)

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,566
    Rep Power
    57

    Default

    Quote Originally Posted by cvidal View Post
    Thank you Phoenix, just added RFE in bugzille (https://bugzilla.zimbra.com/show_bug.cgi?id=91591)
    Thanks for filing that, anything to improve security - always a good idea.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    Obviously voted for it 8)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 5
    Last Post: 03-14-2014, 02:20 AM
  2. Replies: 3
    Last Post: 09-26-2011, 03:23 AM
  3. Replies: 8
    Last Post: 03-12-2010, 07:15 AM
  4. Mod_Security on proxy server between Zimbra and Users
    By seba22 in forum Administrators
    Replies: 0
    Last Post: 01-06-2009, 06:10 AM
  5. Replies: 4
    Last Post: 10-05-2007, 06:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •